/** * Set user as a current if they are valid * * @param PFUser $user * @throws User_StatusDeletedException * @throws User_StatusSuspendedException * @throws User_StatusInvalidException * @throws User_StatusPendingException * @throws User_PasswordExpiredException */ public function validateAndSetCurrentUser(PFUser $user) { $status_manager = new User_UserStatusManager(); $status_manager->checkStatus($user); $this->password_expiration_checker->checkPasswordLifetime($user); $this->user_manager->setCurrentUser($user); }
function register_valid($user_id, CSRFSynchronizerToken $csrf, EventManager $event_manager) { $request = HTTPRequest::instance(); if (!$request->isPost() || !$request->exist('Update')) { return 0; } $csrf->check(); // check against old pw $user_manager = UserManager::instance(); $user = $user_manager->getUserById($user_id); if ($user === null) { $GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('account_change_pw', 'user_not_found')); return 0; } $password_expiration_checker = new User_PasswordExpirationChecker(); $password_handler = PasswordHandlerFactory::getPasswordHandler(); $login_manager = new User_LoginManager($event_manager, $user_manager, $password_expiration_checker, $password_handler); if (!$login_manager->verifyPassword($user, $request->get('form_oldpw'))) { $GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('account_change_pw', 'incorrect_old_password')); return 0; } try { $status_manager = new User_UserStatusManager(); $status_manager->checkStatus($user); } catch (User_StatusInvalidException $exception) { $GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('account_change_pw', 'account_inactive')); return 0; } if (!$request->exist('form_pw')) { $GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('account_change_pw', 'password_needed')); return 0; } if ($request->get('form_pw') != $request->get('form_pw2')) { $GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('account_change_pw', 'password_not_match')); return 0; } if ($request->get('form_pw') === $request->get('form_oldpw')) { $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('account_change_pw', 'identical_password')); return 0; } if (!account_pwvalid($request->get('form_pw'), $errors)) { foreach ($errors as $e) { $GLOBALS['Response']->addFeedback('error', $e); } return 0; } // if we got this far, it must be good $user->setPassword($request->get('form_pw')); if (!$user_manager->updateDb($user)) { $GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('account_change_pw', 'internal_error_update')); return 0; } return 1; }
/** * Open a session for user * * @param PFUser $user * @return type * @throws UserNotExistException * @throws UserNotActiveException * @throws SessionNotCreatedException */ public function openSessionForUser(PFUser $user) { if (!$user) { throw new UserNotExistException(); } try { $status_manager = new User_UserStatusManager(); $status_manager->checkStatus($user); $this->openWebSession($user); } catch (User_StatusInvalidException $exception) { throw new UserNotActiveException(); } }